General
Target: ed6dcfe516c20b3c4e309f2529f456a5.exe
Size: 5.8MB
Sample: 240502-sb2p2abd2z
MD5: ed6dcfe516c20b3c4e309f2529f456a5
SHA1: faff36a4bed00a63a2efd4a894b4b2abcf229f7c
SHA256: 56070412a6e7209e9119d7402952a04ef8063fb535ed4ce8abed661594077a01
SHA512: 94a4b6171683971f3e94c6eec478cad3e5ff89f65a171ea3af4c79172fb282af4f68a7eae0004eb5eb6afc2303f14ffed426d8ce0e4d4e98e8b2d6fe3047b558
SSDEEP: 98304:89FluRchsKtZ9qdhP4418frP3wbzWFimaI7dloW:81gKtZ9GwgbzWFimaI7dlZ
Static task: static1
Behavioral task: behavioral1
Sample: ed6dcfe516c20b3c4e309f2529f456a5.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ed6dcfe516c20b3c4e309f2529f456a5.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: ed6dcfe516c20b3c4e309f2529f456a5.exe
Score: 7/10
ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Browser Extensions (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)